<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <title>Account - Metasploit API</title>
  <link rel="stylesheet" type="text/css" href="/msf-ws.css">
</head>
<body>

<script type="text/javascript">
    function getNewApiToken() {
        loadDoc("POST", "<%= Msf::WebServices::AuthServlet.api_generate_token_path %>", function(xhr) {
            var response = JSON.parse(xhr.responseText);
            document.getElementById("api-token").innerHTML = response.data.token;
        }, errorHandler);
        event.preventDefault();
    }

    function errorHandler(xhr) {
        if (xhr.status == 401) {
            window.location.reload(true);
        }
    }

    function loadDoc(method, url, callback, errorCallback) {
        var xhr = new XMLHttpRequest();
        xhr.onreadystatechange = function() {
            if (this.readyState == 4) {
                if (this.status == 200) {
                    callback(this);
                } else if (this.status >= 400) {
                    errorCallback(this);
                }
            }
        };
        xhr.open(method, url, true);
        xhr.send();
    }
</script>

<ul>
  <% if warden.authenticated?(:user) %>
    <li class="dropdown-menu">
      <a href="javascript:void(0)" class="dropdown-btn"><%= warden.user(:user).username %></a>
      <div class="dropdown-content">
        <a href="#" onclick="getNewApiToken();">Generate New API Token</a>
        <a href="<%= Msf::WebServices::AuthServlet.api_logout_path %>">Log Out</a>
      </div>
    </li>
  <% else %>
    <li><a href="<%= Msf::WebServices::AuthServlet.api_login_path %>">Log In</a></li>
  <% end %>
  <li><a href="<%= Msf::WebServices::ApiDocsServlet.html_path %>">API Documentation</a></li>
</ul>

<div style="padding:20px;">
  <h1>Metasploit API Account</h1>

  <% if warden.authenticated?(:user) %>
    <div id="api-token-label" class="api-token">Current API Token:</div>
    <div id="api-token" class="api-token">
      <%= !warden.user(:user).nil? && !warden.user(:user).persistence_token.nil? ? warden.user(:user).persistence_token : 'none' %>
    </div>
  <% else %>
    <div id="not-logged-in-label">You are not currently logged in. Please click <a href="<%= Msf::WebServices::AuthServlet.api_login_path %>">here</a> to be taken to the login page.</div>
  <% end %>
</div>

</body>
</html>
